Out of Bounds Write Vulnerability in CP_Dump Driver by UNISOC
CVE-2022-48438

4.4MEDIUM

Key Information:

Vendor: Unisoc (shanghai) Technologies Co., Ltd.
Status: Sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000
Vendor: CVE Published:; 6 June 2023

🔔 Create Unisoc (shanghai) Technologies Co., Ltd. Vulnerability Alert

What is CVE-2022-48438?

The vulnerability in the CP_Dump driver is characterized by a potential out of bounds write that occurs due to a lack of proper bounds checking. This flaw can lead to a local denial of service situation, necessitating system execution privileges for exploitation. Proper security measures are essential to prevent any unauthorized access or disruption of service.

Affected Version(s)

SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/1664...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 6, 2023
Vulnerability Reserved
Apr 13, 2023